iptables: -p all AND --dport xx (is it possible)

Rick Stevens rstevens at vitalstream.com
Tue Apr 26 00:36:31 UTC 2005


Alan :) wrote:
> The following rule can't be applied
> 
> iptables -A INPUT -p all --dport 80 -j DROP
> 
> the above fails stating that --dport is not recognized.
> 
> I'm trying to drop all traffic to port 80. If I provide a specific protocol it works. For example: iptables -A INPUT -p tcp --dport 80 -j DROP
> 
> any ideas?

Not all protocols support ports (icmp, for example), so the statement is
somewhat nonsensical.  Try specifying "-p tcp" and "-p udp" in two
rules.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-      Always remember you're unique, just like everyone else.       -
----------------------------------------------------------------------
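
The two-rule approach from the reply above, as an added example that is not part of the original message. The function names has_ports and drop_port_rules are hypothetical, the script only prints the iptables commands instead of running them, and sctp and dccp are included on the assumption that their iptables matches are available on the host.

```shell
#!/bin/sh
# Added example: expand "drop everything to port N" into one rule per
# protocol that actually has ports. Commands are printed, not executed.

# Succeeds only for protocols whose iptables match accepts --dport.
has_ports() {
    case "$1" in
        tcp|udp|sctp|dccp) return 0 ;;
        *) return 1 ;;          # icmp, all, esp, ... carry no port field
    esac
}

# usage: drop_port_rules CHAIN PORT [PROTO...]   (default: tcp udp)
drop_port_rules() {
    if [ $# -lt 2 ]; then
        echo "usage: drop_port_rules CHAIN PORT [PROTO...]" >&2
        return 2
    fi
    chain=$1; port=$2; shift 2
    [ $# -gt 0 ] || set -- tcp udp

    # Port must be a plain number in 1..65535.
    case "$port" in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 2
    fi

    # Validate every protocol before emitting anything, so a bad
    # argument never yields a half-built rule set.
    for proto in "$@"; do
        if ! has_ports "$proto"; then
            echo "protocol '$proto' has no ports; --dport cannot apply" >&2
            return 1
        fi
    done

    for proto in "$@"; do
        echo "iptables -A $chain -p $proto --dport $port -j DROP"
    done
}

# Dry run for the case in this thread.
drop_port_rules INPUT 80
```

Review the printed rules, then run them as root; "iptables -L INPUT -n -v" lists the resulting chain with per-rule packet counters.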



